The government isn't publishing details, but the article gives the impression that it was some Mexican political party acting out of line who should not have uploaded this data to US servers. It appears that each party receives a copy of electoral registrations.
¿Qué chingados? I didn't know every party got a copy of all voter registrations. This seems grossly undemocratic.
In the US, voter registration is completely open. You can walk down to your Board of Elections and look at the full register, including party registration and whether you voted or not.
For contested elections, party inspectors will note active voters who haven't voted yet and report, which generates phone calls or even volunteers dropping by to drive voters to the polls.
Yeah, but the database contains occupation, address and potentially can be correlated with phone numbers. In a country where phone extortion and kidnappings are things that happen with surprising regularity.
Keep in mind also that your voting ID card in Mexico is your primary identification, similar to driver licenses in the U.S. The data from this breach can allow someone to create a pretty good fake of any voting card, which may be used to impersonate people for: banking operations, government processes (that don´t require the CURP, our equivalent of a SSN) and yes, also during elections. Voter fraud might not be much of a problem in the U.S. in reality, but in Mexico it definitely is.
"Yeah, but the database contains occupation, address and potentially can be correlated with phone numbers. "
Err, the US database contains address as well.
I remember when i used to run politics and elections products, we were basically the only company in the US to explicitly request they not give us names or anything we did not need (we were building street segment to voting location mapping)
Yeah, but how often have you been called in the U.S., heard someone sobbing on the other end, then told by someone else that they have your family member and that they will hurt them if you don't send them money immediately? (99% of the time they have nobody and it is a phishing call, but with this information then suddenly it becomes an easier to convince people, among other things). I have answered that call. My mom has answered that call (and contacted me over another phone to make sure it was indeed a scam).
My point is that what works on the U.S. and what is considered sensitive information in the U.S. might not match what is sensitive in other societies. My mailing address and phone number are relatively public while in the U.S., but back in Mexico I would never do it that way.
Doesn't the fact that they have a removal request policy page at all suggest that at least some Americans find it surprising that voter data is freely available online?
In both cases, don't forget who it's addressed to - people who have made rude, unreasonable demands and threats. Those people are bullies so it's fair to insult them.
Address and occupation and whether you have any twins is open too, for the whole country? Can you look this up right now for any adult estadounidense?
In Mexico, this isn't transparency, as only the political parties get a copy. This is surveillance, probably used for more effective targetted campaigning, which has historically been used for buying votes.
I'm not sure I will ever renew my Mexican voter registration.
The database is given to parties so they can audit if people live where they are voting, or even if they live for that matter. Not giving them access is not an option, if you want the continue having a voting system that does not require trust, as the mexican voting system was designed to allow.
I agree that the database should be made public for all citizens, as it currently stands, only parties registered for elections get a copy, and no doubt use it for their campaigns. This puts people outside of the party system in a disadvantage against the parties, particularly relevant for things like citizen initiatives.
Do you live in Mexico? I understand if you don't, but if you do... wow! it's such a pain to carry a passport. My IFE is expired right now and I have been carrying the passport for a couple of weeks, always afraid I will lose it. The cost of the passport alone would be enough motivation for leaving it at home.
To be fair, driver license is also good enough for most cases.
Nobody cares whether it could be worse, the point is that it must be better[1].
The data leaked is enough to gain access to almost a hundred million people's account on any web-service or, as some other comment pointed out, in Mexico's case even to real-life services like banking.
[1] The United States are not the norm. You might live there, but that makes you a minority of the world population. There are some nations that actually value democracy and privacy, not just on paper.
In many (most?) primaries it's a requirement that you be a registered member of that party. Luckily for me, California doesn't subscribe to this policy.
> ...party inspectors will note active voters who haven't voted yet and report, which generates phone calls or even volunteers dropping by to drive voters to the polls.
Isn't this a great example why it's bad that this data is open.
In Mexico, perhaps volunteers are dropping by to drive voters to/from the polls. With guns.
That's way too messy when you can just threaten the poll workers with guns and stuff the ballot boxes. Or better yet, just be the poll workers yourself and skip the guns entirely.
> In the US, voter registration is completely open. You can walk down to your Board of Elections and look at the full register, including party registration and whether you voted or not.
Another possibility in contested elections is party members tracking down opposing voters with a comprehensive list of who to threaten/kill and where to find them.
That link's info is so stupid. They say they know who did it, but they won't say because they don't want to alert the guilty party before the investigation is over. Guess what? the people who did it know they did it!
Also, the note says that the info is on "Amazon's sales portal" WTF?
If you, as a kid, broke a window in your school, and the principal is, like, "Look, we've seen the surveillance video and we know who did it, but we ain't saying anything until next friday", you'll know for sure you have until friday to lawyer up or skip town or whatever kids do.
Actually, when schools say so it usually means they're bluffing, the cameras were broken, they have no clue who did it and they're counting on fear to make people confess.
Right, which explains they they were reluctant to put it in the news i.e. "... but they won't say because they don't want to alert the guilty party before the investigation is over."
So it doesn't seem completely illogical why they'd do it as gp post suggests.
could be normal political process.. "hey Fred we won't tell anyone it was you if you support my outrageous bill which enriches my personal fortune some more.."
I believe it's true for Spain also, so parties can spam us with voting propaganda. The information was also sold to commercial spammers too. It was detected because small errors in spelling, not present in other records, were reproduced.
I think that it is grossly democratic. Everyone is on the same playing field.
And anyway the whole registering to vote thing is undemocratic. You have valid citizen id - you show and vote, and that is it. In Europe where everyone has government issued id card the system works fine.
In the US the suggestion that voting require an ID card is met with all the reasons people can't be bothered to get an ID card. Things like it's too far to go to get the card. Or it costs too much. Or they can't prove they are citizens.
If states were at all serious about voter verification through ID, they'd make every non-constitutionally guaranteed service require a photo ID. Then when it gets back to SCOTUS they could readily report that every resident in their state already has a photo ID.
Funny thing is that you already could buy this database for a few hundred dollars at the black markets in Mexico City. You can also walk into stores there that openly sell any drug you could possibly want... like it's on display on shelfs... or guns... or whatever else you want.
This title seems a bit off. Mentioning the hosting provider like this almost implies the leak is the fault of AWS, which to me feels like blaming Lexmark for someone printing sensitive info and then leaving it in the printer for others to find it.
This happened the same time a while ago -- at the time it was a misconfigured S3 bucket but the title was worded in a way that AWS to blame.
This seems to be a misconfigured MongoDB server hosted in AWS but details are scarce.
Personally, with the vast swaths of PII data being leaked, I am interested in whether there is a global database of these people yet. Not for nefarious purposes, mind you, but for global legal representation not limited to voting.
> Chris decided to report his discovery to the State Department and let them contact their Mexican counterparts in the spirit of cooperation. When he got no meaningful response, he reached out to the State Department’s Office of Mexican Affairs, who told him they would forward his alert up the chain. When that still didn’t achieve the desired results of getting the database secured, Chris contacted the U.S. Secret Service, Department of Homeland Security, and US-CERT
I definitely am all for doing the right thing and I might make a best effort in the same situation, but that's pretty gutsy. My overdeveloped sense of paranoia would tell me that contacting these agencies would put me on all sorts of lists I wouldn't want to be on. Who knows how easy it is for "There is a data breach" could become "I have your data, meet my demands".
It would be nice if there's a department you can trust to handle your report in a way that's both confidential and reliable about getting results.
Picking up the phone and calling random departments is how you get in trouble. All it takes is one person to scream "hacker", which is not unlike yelling "fire" in a crowded building, and you've got yourself in hot water even when trying to do the right thing.
If there was a number to report security issues of this sort, or an email address if they're that savvy, it would go a long way towards encouraging people to report serious issues.
Given how the Department of Homeland Security thinks a tiny bottle of mouthwash is a threat to national security, I wouldn't trust them to understand what a computer does.
Yeah, but that's theater performed by low-wage employees. I think it's extremely unlikely that sending a tip to help higher-level officials isn't going to accidentally get you on some watch list, as long as you're acting in good faith.
Any organization that hires these security muppets in the first place is not one I'd put any trust in whatsoever.
If some awful, unfortunate thing does happen on their watch I honestly hope the first thing they do is get the hell out of the way so professionals can handle the situation.
> Yeah, but that's theater performed by low-wage employees.
The status of the people who act out these policies is much less important than who is setting these policies. And it's not low-wage employees who are setting these policies, it's high level bureaucrats, the same bureaucrats who will be in charge of your fate should you report wrongdoing to them.
"MacKeeper[1] security researcher?" It's good to know that the crapware you have to remove from your parents' computer, which they installed thanks to dishonest pop-unders, is funding something useful.
That was my reaction too. I looked into it, the MacKeeper security researcher is Chris Vickery. In December 2015, while not employed by MacKeeper, he discovered a database of 13 million MacKeeper usernames and passwords [1]. MacKeeper then hired him in January 2016 to create a "Analytical and Security Center" [2].
Holy shit, I keep removing MacKeeper from my parents computers. Every time I visit. And my dad always gives me a guilty look and says "I shouldn't have installed that again right?"
As far as I can tell the article is worded poorly. He doesn't work for MacKeeper, he is the researcher that found a similarly exposed database of 13 million MacKeepe users. http://krebsonsecurity.com/tag/chris-vickery/
93 million Mexicans? That 78% of all Mexicans, essentially every adult. Wow. I'm kind of glad I haven't registered to vote recently, but perhaps my old registration which I haven't renewed is still there. My only consolation is that most of the troublesome information such as occupation and address would be outdated for me.
Here in Brazil there are websites which will give you info (address, telephone, mother's name, even salary) on basically anyone. They take it from CADSUS, i.e. the SUS (publich health system) registration system, which is available for every public hospital to do queries, but those hospitals receive a default and very common username/password combination which they usually don't change. They also take info from credit protection agencies such as Exparin (presumably some employers sell access passwords).
It's completely nuts. I always give fake or incomplete information to everyone, private or public (and you must give info for practically anything here). If it's absolutely necessary to give real info, then I never update it.
> Amazon’s automated system for reporting abuse was equally frustrating to navigate, Vickery said. It repeatedly asked him to submit irrelevant information. [0]
This is generally a problem I've come across multiple times. Small hosters are usually quicker to respond ( or they don't at all), and then actually try and handle malicious hosts on their networks.
The large ones like Amazon or CloudFlare (especially CloudFlare) have a semi-automated process, where the impression I get is that I am talking to a really stupid bot. Or when I get through to a human, that they are so overworked that they aren't able to comprehend the sentences that write to them in plain english, so nothing get's resolved.
Or they just forward my info to their customers, which in many cases is a real security risk.
Insufficient security at a national level has been frontpage of hnews all this week from various countries: Turkey, USA, Malaysia, Mexico, &c.
From this and many other leaks and breaches from companies, governments & institutions one could deduce security is imperfect & digitally massively so.
Identity theft is rampant; Biometrics are irrevocable - yet the solution is used by most people everyday.
Cryptography solves both the problem of identity and privacy simultaneously.
It is establishable as persona via chains of trust, e.g. PGP signing.
Apart from societal control there seems no good reason not to adopt a system whereby everyone is issued a private and public key - which signs every email, bank instruction, comminucation & vote.
Akin to good practice being to store only password hashes so only the individual posses the secret.
Ones identity would be ones own responsibility and huge leaks like this would reveal nothing but a list of public keys obtainable by crawling the web.
One can imagine a dystopian future nation where individuals must fight to protect their basic fundamental rights from state level adverseries operating outside the law - punchline is the worst threat is their own government.
Ever since Gibson the best science fiction is set in the present.
Some countries are already implementing that - for example, in Portugal, the Citizen's Card is a smartcard with a private/public key pair, signed by the issuing department, and which one can use to login to certain governmental sites (like the IRS) and to sign documents. I hear Estonia has a similar system.
While I think it's a good idea for services that already required official documents (governmental services, bank accounts, certain utility contracts), I fear that once the system is actually used by most people - right now it's still mostly ignored - more and more services that were once somewhat anonymous will start requiring the card, since the barrier is much lower than having to send an authenticated photocopy.
Cryptography is useful for anonimity in that it doesn't have to be tied to a real identity and PGP keypairs can be generated by anyone.
This allows anonymous accounts that are also verifiable.
National ID databases or Government Overreach can be enacted using an insecure system like Social Security Number as a database key, already.
Certain private elements of ones file, such as credit card, or medical records, could be kept encrypted until the citizen grants a temporary access token.
> Apart from societal control there seems no good reason not to adopt a system whereby everyone is issued a private and public key - which signs every email, bank instruction, comminucation & vote.
Privacy and key loss are two reasons that come to mind.
Key loss would require re-issue - under the present system that uses real details or a biometric these cannot be revoked so cryptography seems better.
The current system the UK uses is a Nation Insurance Number, which is just a key in a government database but once issued it is not revokable either.
Solutions like a back up reissue key, or quorum of those who signed you key verify it is lost and then it can be resissued, or an trusted official like ones lawyer - or you have to take some ID to a post office.
It may be inconvenient but less inconvenient than identity theft today.
As for privacy this is solved by crytography too, so I don't follow your first point.
If I wanted to message you privately, I encrypt the message with your public key and then you and only you can read it - just like PGP today.
Of course this hypothetical system unbackdoored cryptography would be fully legal so we could have keys just for privacy between us / or verification.
A bank could issue a key per account, the key ensures your banking cannot be eavesdropped and ensures the identity for this account.
Chris got lucky - he is lucky he is not under criminal investigation for hacking or even spying. It is a sad fact that all too often the people who bring attention to data breaches and security issues, get targeted and accused of hacking. The people involved do not want to admit they are at fault, so try to justify this by saying the whistle-blower / good Samaritan are criminally accessing the data.
If one discovers a security issue or data breach, it is best to either do nothing, or at most raise the issue very anonymously.
The article isn't entirely clear how AWS is as fault here. Usually, it comes down to misconfigured AWS settings which are the users' responsibility in the shared security model. A shameless plug, but there are ways to scan your account for these misconfigurations which can lead to leaks like this. I've been working on CloudSploit (https://cloudsploit.com), an open-source and hosted scanning service that can continually check your accounts for these kinds of risks.
> "and their unique voting credential code (number/identifier)"
I find this the most interesting. I thought of a voting system where every citizen gets a unique voting key. It obviously would be a huge mistake to vote directly with such a key. Signing your voting decision makes a lot more sense. This way only the government and you know the key.
I wonder what will happen now, looks like they will have to reissue 93M codes.
It's not a signing code, votes are truly anonymous; it's the unique serial of the physical card and one of the various citizen IDs used in the country.
These numbers are typically abused in mass fraud for government monetary/physical goods assistance programs.
According to the world bank, 2015 population of Mexico is around ~125 million. This means that roughly 75% of the population could be affected.
http://data.worldbank.org/indicator/SP.POP.TOTL
http://www.diariodemexico.com.mx/inemexico-encuentra-quien-f...
The government isn't publishing details, but the article gives the impression that it was some Mexican political party acting out of line who should not have uploaded this data to US servers. It appears that each party receives a copy of electoral registrations.
¿Qué chingados? I didn't know every party got a copy of all voter registrations. This seems grossly undemocratic.